Skip to content
Snippets Groups Projects
Commit e1386ba6 authored by jwfang's avatar jwfang
Browse files

only patch system:kube-dns role for old dns

parent 83deecb9
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
roles/kubernetes-apps/ansible/tasks/main.yml
+ 4
3
View file @ e1386ba6
...@@ -26,8 +26,7 @@ ...@@ -26,8 +26,7 @@
- rbac_enabled or item.type not in kubedns_rbac_resources - rbac_enabled or item.type not in kubedns_rbac_resources
tags: dnsmasq tags: dnsmasq
# see https://github.com/kubernetes/kubernetes/issues/45084 # see https://github.com/kubernetes/kubernetes/issues/45084, only needed for "old" kube-dns
# TODO: this is only needed for "old" kube-dns
- name: Kubernetes Apps | Patch system:kube-dns ClusterRole - name: Kubernetes Apps | Patch system:kube-dns ClusterRole
command: > command: >
{{bin_dir}}/kubectl patch clusterrole system:kube-dns {{bin_dir}}/kubectl patch clusterrole system:kube-dns
...@@ -40,7 +39,9 @@ ...@@ -40,7 +39,9 @@
} }
] ]
}' }'
when: dns_mode != 'none' and inventory_hostname == groups['kube-master'][0] and rbac_enabled when:
- dns_mode != 'none' and inventory_hostname == groups['kube-master'][0]
- rbac_enabled and kubedns_version|version_compare("1.11.0", "<", strict=True)
tags: dnsmasq tags: dnsmasq
- name: Kubernetes Apps | Start Resources - name: Kubernetes Apps | Start Resources
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment